Linux下用dnsmasq做dns cache server的配置方法
最近国外的服务器本地DNS总是出故障,闪断一会儿都会影响业务。于是在机房里找了两台Server,安装上keepalived和dnsmasq实际本地的DNS缓存目前最新版是2.7.1 ,可去其FTP下载:http://www.thekelleys.org.uk/dnsmasq/
安装过程比较简单
yum -y install dnsmasq*
wget http://www.keepalived.org/software/keepalived-1.2.9.tar.gz
tar zxvf keepalived-1.2.9.tar.gz
cd keepalived-1.2.9
./configure --prefix=/usr/local/keepalived
make && make install
mkdir /etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/
chkconfig --add keepalived
chkconfig --level 35 keepalived on
keepalived的配置很简单,只需要配置一个VIP可以在两台Server之间飘来飘去就可以实现主备了
! Configuration File for keepalived
global_defs {
notification_email {
xxx@xxx.com
}
notification_email_from xxx@xxx.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance dnscache {
state MASTER // 另一台配置BACKUP
interface eth1 // 在哪个接口上进行服务器状态检测
virtual_router_id 51
priority 180 // BACKUP机器上配置100
advert_int 1 // 检查间隔,单位为秒
authentication {
auth_type PASS
auth_pass 1234
}
virtual_ipaddress { // VIP设置,指定到内网网卡
192.168.100.99/24 dev eth1
}
}
dnsmasq的配置也很简单
resolv-file=/etc/resolv.dnsmasq.conf
cache-size=1000
conf-dir=/etc/dnsmasq.d
将dns地址写入到/etc/resolv.dnsmasq.conf文件中
echo "nameserver 8.8.8.8" > /etc/resolv.dnsmasq.conf
本机和局域网其它全部的服务器dns解析都用它
echo "nameserver 192.168.100.99" > /etc/resolv.conf
最后找一台局域网Server验证一下,如果能解析就说明正常了.
nslookup www.google.cn 192.168.100.99
此方案只适合小型企业,规模少的情况下使用,解析量大的时候还是用bind最好。
下面是其它网友的补充:
sudo pacman -S --needed dnsmasq
cd /etc
$ sudo cp -v dnsmasq.conf{,.orig}
`dnsmasq.conf' -> `dnsmasq.conf.orig'
$ sudo vim dnsmasq.conf
相比来说,dnsmasq的配置简单多了:
resolv-file=/etc/dnsmasq.resolv.conf
addn-hosts=/etc/dnsmasq.hosts
local=/localnet/
no-dhcp-interface=eth0
conf-dir=/etc/dnsmasq.d
$ sudo cp -v resolv.conf dnsmasq.resolv.conf
Password:
`resolv.conf' -> `dnsmasq.resolv.conf'
sudo mkdir /etc/dnsmasq.d
sudo touch /etc/dnsmasq.hosts
sudo /etc/rc.d/dnsmasq start
最后,别忘记加入rc.conf DAEMONS,注意要在network后面。
dnsmasq 可从额外的hosts文件读取条目,如可以这样添加正向解析:
echo "IP地址 域名" > /etc/dnsmasq.hosts
另外,重启dnsmasq可以用SIGHUP(可以在修改hosts文件后,让配置生效)
killall -s SIGHUP dnsmasq
查看服务状态:
netstat -tunl
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN
udp 0 0 0.0.0.0:53 0.0.0.0:*
再dig 一下,发现稳定在4ms ,我晕,同样的配置,我在一台ubuntu server 10.04 上面dig 是1ms ,在我本地居然在4ms ,囧
http://www.zzvips.com/article/198405.html
页:
[1]